From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.62) (envelope-from ) id 1I18Gv-0001MR-UD for garchives@archives.gentoo.org; Wed, 20 Jun 2007 22:03:30 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.14.0/8.14.0) with SMTP id l5KM21RO016101; Wed, 20 Jun 2007 22:02:01 GMT Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by robin.gentoo.org (8.14.0/8.14.0) with ESMTP id l5KLwvFV010636 for ; Wed, 20 Jun 2007 21:59:02 GMT Received: from ip6-localhost (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id 0B58164D4D for ; Wed, 20 Jun 2007 21:59:02 +0000 (UTC) From: Mike Frysinger Organization: wh0rd.org To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] how to handle sensitive files when generating binary packages Date: Wed, 20 Jun 2007 17:59:39 -0400 User-Agent: KMail/1.9.7 References: <200706200047.04951.vapier@gentoo.org> <200706201738.22916.vapier@gentoo.org> <20070620224849.0c1aa71c@snowflake> In-Reply-To: <20070620224849.0c1aa71c@snowflake> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1458810.ic2omBeXRn"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200706201759.39553.vapier@gentoo.org> X-Archives-Salt: 0a020383-9564-4f0a-8b1a-d942ecc8bae6 X-Archives-Hash: eaf438432e7deb7b395ed015e1e2582f --nextPart1458810.ic2omBeXRn Content-Type: text/plain; charset="iso-8859-6" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Wednesday 20 June 2007, Ciaran McCreesh wrote: > Mike Frysinger wrote: > > On Wednesday 20 June 2007, Ciaran McCreesh wrote: > > > Mike Frysinger wrote: > > > > > The specific underlying question being, what are the use cases > > > > > for binary packages? > > > > > > > > the use of the binpkg is not an issue, it's the creation ... > > > > people blindly creating tbz2's which could contain their > > > > sensitive files and posting them > > > > > > Use cases include all aspects of use, including creation. > > > > extended analysis on the use cases is irrelevant in the scope of this > > thread > > No it isn't. You're talking about making a change, but you haven't > established that you're changing the right thing or that the scope of > your change is optimal. There's a good chance in this case that the > problem you're attempting to solve is better solved by a change in a > slightly different area. feel free to ponder whatever you like, the issue lies purely in the creatio= n=20 of the tarball which is what i will address in quickpkg =2Dmike --nextPart1458810.ic2omBeXRn Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (GNU/Linux) iQIVAwUARnmjS0FjO5/oN/WBAQLtaRAAtSZPfJGGOVWYsJjnas3CsFa4OgfzS0Ro bICI8zkhnWtFtQgjkQyPlolWoZm8fu+WFygLPsyi601ybqhg8lXqm8go4jaDOo5H l4NI1AlIohp1/BSjId0LfV9A4soLbPs7tUP4FuPq5tRcTyPrD9ei7OU6dEwujGbQ f/JytqpYpmuuNoBx3u1EQtYdIi9AduElFN3U+z0ZhdKsqh940P+zzksUH3wLKNeM a7aRchAD2kO4Fs4XClxKeTb+jzWtmsG3IQlK9PIJ7qsCaPT5gPFNK4q8DlMr2/7/ PNXO/5rmseRG5dCthykuM/D9fPBYO7hLtFhceAeMlYqQy6kKKRzmvQgcO4My1u1l kFxIokAVoHO4WipZHJvWwbUUd8Ehq8D9twBgojOnG1lxxzSdBkAfF67wiXTDMSIr thRlOs/nC1iHwH+zUQewi8k6pZqh/300hf6ct3a7HWZ8QeoLyISebv/EM8XlOvaE GAcwqq9o3thcrLisXfRfVeN1n7zOtl4Se6vIK5tmPp8uLWPKhAev0vA86og1Xmdl 8ouRNjoFG6EnDIIki1VRX4yvSlM5y59vi348D/GC3MjGbKrHGTpgoI3DDG3v1EEm cW0dk611fIctOC635z7oPjolpC+RMZSekXtpAOBP8NapjUt6KZKS3gl09ekPJUgn MyNgLo0RNoU= =gWeS -----END PGP SIGNATURE----- --nextPart1458810.ic2omBeXRn-- -- gentoo-dev@gentoo.org mailing list